TRENDS AND ISSUES

utterlypanoramicSecurity

Nov 30, 2013 (3 years and 7 months ago)

48 views

SECURE DEVICE
ASSOCIATION:

TRENDS AND ISSUES

Presenter Gicheol Wang

Yasir Arfat Malkani, Dan Chalmers, and
Ian Wakeman

presented by
gcwang

Outline


Introduction


Problem


Challenges


Background


Summary and Future Directions for Research

2013
-
11
-
30

2

presented by
gcwang

Introduction

Mobile Ad Hoc Environments


More and more devices every day


Varying size and capabilities


Varying connection methods (e.g. Cable, Bluetooth, etc)


Varying user interface (rich, moderate and poor)


Spontaneous method of interaction


Increasing Mobility in devices


Use of wireless technology in some form


e.g. 802.11,Bluetooth, Infrared, Zigbee, Wibree, etc


Frequent associations and disassociations


e.g. pairing of Bluetooth enable headset with mobile
phone or MP3 player, pairing IR remote with laptop, etc.

2013
-
11
-
30

3

presented by
gcwang

Problem

-------------------------

Intended Communication

___________

Actual Communication

Man
-
in
-
the
-
middle
attacker


A


B


E



Solution

Establishing secure channel between the pairing devices



Eavesdropping



Disclosure of sensitive information to 3
rd

Party




Manipulation



Illegitimate analysis and modification of data



Can cause Denial
-
of
-
Service (DoS)



E
can gain control over the device B

2013
-
11
-
30

4

presented by
gcwang

Challenges


No prior context


Devices lack prior knowledge of each other due to ad hoc
nature


No pre
-
shared secret key


Traditional key exchange/agreement approaches
(e.g. Diffie
-

Hellman) are not secure against MiTM
attack


Variations in device capabilities


Communication channels


User
-
interfaces


Power and computational resources


Sensing technology, etc.

2013
-
11
-
30

5

presented by
gcwang

Attack Types in Device Association Model


Eavesdropping and MiTM attack


Discussed in previous slides


Denial
-
of
-
Service (DoS) attack


Prevent communication between wirelessly connected nodes


Prevents pairing partners to establish a secure channel


Bidding
-
Down attack


It is possible, where a list of choices to establish a secure
channel is available


The goal is to fool (bid
-
down) the devices to use weaker
security than is possible


Compromised Devices


Difficult to prevent at the protocol level


Could suggest pairing with only the adversary’s device


Could run a weak pairing protocol

2013
-
11
-
30

6

presented by
gcwang

Background


Resurrecting Duckling Security Model


Talking to Strangers


Visual Out
-
of
-
Band Channels


Audio Out
-
of
-
Band Channels


Accelerometer
-
Based Approaches


Radio
-
Signals Based Approaches


Biometrics
-
Based Approaches


Button Enabled Device Association (BEDA)


Industry and Standardization Bodies

7

2013
-
11
-
30

presented by
gcwang

Resurrecting Duckling Security Model


Exchange encryption key in plain
-
text form using
a physical medium, such as cable


No cryptography required






Cables are cumbersome


Not all the devices have similar physical interface

8

2013
-
11
-
30

presented by
gcwang

Talking to Strangers


Extended Resurrecting Duckling security model


Two
-
phase authentication


Use infrared as an out
-
of
-
band (OOB) channel


Susceptible to eavesdropping


e.g. Two remotes and one projector





Rene Mayrhofer et al.


Use laser [4, (2007)] and Ultrasound [5, (2007)]


Requires interface and/or additional hardware,
such as laser/ultrasound transceiver

9

2013
-
11
-
30

presented by
gcwang

Visual Out
-
of
-
Band Channels


Seeing
-
is
-
Believing (SiB) by McCune et al.


Use camera phones and bar codes to create visual OOB
channel


Secure Device Pairing Based on Visual Channel by
Saxena et al.


Proposed an improvement to SiB through the use of LED
and short authenticated integrity checksums


Not all devices are equipped with camera


Might not be enough light at some places to scan bar
codes properly


Not all devices have big enough displays to show 2D
bar codes


In some situations, camera equipped devices cannot
be placed sufficiently near


Camera
-
equipped devices are not allowed in security
-
sensitive areas

10

2013
-
11
-
30

presented by
gcwang

Audio Out
-
of
-
Band Channels


Loud and Clear (L&C)


Use audio as OOB channel for human
-
assisted authentication


Derive auditorially
-
robust, syntactically correct, but nonsensical
(MadLib) sentence from hash of a public key


Compare the vocalized sentences


Human
-
Assisted Pure Audio Device Pairing (HAPADEP)


Pairing two devices that have no common standard wireless
channel at the time of pairing


Use audio to exchange both cryptographic material and protocol
messages


Not applicable to pairing scenarios where one of the devices does
not have a display and/or a speaker (or microphone in case of
HAPADEP)


Not suitable for hearing
-
impaired users


Not feasible in noisy environments


Places burden on user to compare the two Madlib sentences or
Melodies

11

2013
-
11
-
30

presented by
gcwang

Accelerometer
-
Based Approaches

12

2013
-
11
-
30


Smart
-
its
-
Friend
by Holmquist et al.


Use common readings from the embedded accelerometers in
the devices


Security has not been the major concern


Are You With ME
by Lester et al.


Use accelerometers’ data to show that a set of devices is being
carried by the same person


Shake
-
Well
-
Before
-
Use
by Mayrhofer et al.


Combine cryptographic primitives with accelerometer data
analysis for secure device
-
to
-
device authentication


Require accelerometer in each device


Large variety of devices can not be shaken together

presented by
gcwang

Radio
-
Signals Based Approaches


Radio
-
Based approaches require no or minimal hardware and/or
user involvement


Shake
-
Them
-
Up
by Castelluccia et al.


Movement
-
based technique for pairing two resource
-
constrained
devices, such as sensors.


Use the source indistinguishability property of radio signals


Susceptible to attack by an eavesdropper that exploits the
differences in the base
-
band frequencies of the two radio sources


Amigo
by Varshavsky et al.


Utilize commonality of radio signals from locally available wireless
access points


Extended Diffie
-
Hellman key exchange protocol with the addition of a
key verification stage


Not applicable in the scenarios where radio
-
date is not available


Hard to identify the intended device when many other devices
surround it.

13

2013
-
11
-
30

presented by
gcwang

Biometrics
-
Based Approaches


Biometrics are a common technique for identifying human
beings


Feeling
-
is
-
Believing (FiB)
by Buhan et al
.


Investigated grip pattern


Proposed to generate a shared secret key from biometric data
using quantization and cryptanalysis


Secure Ad
-
hoc Pairing with Biometrics (SAfE)
by Buhan et al.


Keys are extracted from images during the pre
-
authentication
phase


Both of the techniques are based on Balfanz et al. model



Logic and calculations to accurately recognize the biometric
-
patterns are a heavy burden on its applications


Issue regarding the accuracy of recognition techniques still
need more research and improvement


Require biometrics reader in both of the devices

14

2013
-
11
-
30

presented by
gcwang

Button Enabled Device Association
(BEDA)


Transfer the short secret key from one device to the other using
‘button
-
presses’


Then, the short secret key is used to authenticate the public keys of
the devices


There are four variants of BEDA


Button
-
to
-
Button (B
-
to
-
B)


Involves the user simultaneously pressing buttons on both of the devices
within certain random time
-
intervals


Each of these intervals are used to derive 3
-
bits of the short secret key



Display
-
to
-
Button (D
-
to
-
B)


Emits visual signals by showing a blinking square on its screen.



The user reacts to blinking square events by pressing the button on the
other device.



Short
-
Vibration
-
to
-
Button (SV
-
to
-
B)


Transmits signals through short vibration events instead of blinking
square



Long
-
Vibration
-
to
-
Button (LV
-
to
-
B)


Signals are emitted through either the start or the end of a long vibration


15

2013
-
11
-
30

presented by
gcwang

Industry and Standardization Bodies

16

2013
-
11
-
30

Bluetooth Pairing

presented by
gcwang

Industry and Standardization Bodies


Near Field Communication (NFC) Technology


Short
-
range, high
-
frequency, low
-
bandwidth wireless connectivity standard


Use magnetic field induction


Operates on 13.56 MHz freq. with data transfer rate of up to 424 kbps with a
bandwidth of 14 KHz


Supports two modes of communication: active
-
mode and passive
-
mode


Applications: pairing two devices, smart posters, contactless
-
credit
-
cards, etc


Wireless USB Association (WUSB)


WUSB group was formed in 2004 to define the WUSB specifications


It is a short
-
range (up to 10 m), high
-
bandwidth wireless communication
technology


Replace wired USB


Wi
-
Fi Protected Setup (WPS)


Wi
-
Fi Alliance officially launched Wi
-
Fi Protected Setup (WPS) in early 2007


Secure establishment and configuration of wireless home networks


Windows Connect now
-
Net


Goal is to provide a way to set up secure wireless networks


Works for both in
-
band wireless devices and out
-
of
-
band Ethernet devices

17

2013
-
11
-
30

presented by
gcwang

Some Other Approaches


LoKey
by Nicholson et al. ,


Uses SMS messages to authenticate key exchanged over the
internet


Drawbacks:

Delay and substantial monetary cost



Manual Authentication for Wireless Devices
by Gehrmann et
al.


Enable handheld devices to authenticate their public keys by
some kind of user interaction


User manually exchanges short message authentication codes
between the devices



A Generic Framework for Secure Device Association
by
Malkani et al.


Device first register their capabilities with the directory service


Then, client queries the directory service to discover and
acquire the required information to initiate the pairing process

18

2013
-
11
-
30

presented by
gcwang

Co
-
location

Server

1. Device

Description

1. Device

Description

1. Device

Description

2. Client’s

Query

3. Server

Response

Authentication Process

Directory

1. Device

Description

3. Server

Response

Resource

(Target Device)

Client Device

Some Other Approaches

19

2013
-
11
-
30

presented by
gcwang

Summary and Future Directions for Research


No single solution or standard for device pairing


Too many solutions


Entering pins (e.g. Bluetooth devices) and passwords
(e.g. WEP/WPA)


Comparing two audible sequences


Exchanging cryptographic material through the use of
pure audio


Verifying hashes of public keys


Moving around and/or shaking devices together


Comparing ‘Blinking’ pattern and ‘Beeping’ sequence


Using SMS messages


Button presses, etc.

20

2013
-
11
-
30

presented by
gcwang

Summary and Future Directions for Research


Pairing protocols vary in the:


Strength of their security


The level of required user intervention


Their susceptibility to environmental conditions


Required physical capabilities of the devices


Required proximity between the devices


Majority of the users are non
-
technical


Difficult to remember the different kinds of steps
for establishing secure channel in varying
situations and scenarios

21

2013
-
11
-
30

presented by
gcwang

Summary and Future Directions for Research


We need to:


Investigate ways of integrating different pairing protocols
within a general architecture for providing secure and
usable pairing mechanisms for a large set of ad hoc
scenarios


Integrate discovery mechanism into pairing schemes


Design and develop new tools that can be used to
evaluate the existing as well as new pairing schemes

22

2013
-
11
-
30